Lucene search
K
VmwareAria Operations For Networks

8 matches found

CVE
CVE
added 2023/06/07 2:16 p.m.662 views

CVE-2023-20887

CVE-2023-20887 affects VMware Aria Operations for Networks (formerly vRealize Network Insight). The vulnerability is a command-injection via the Apache Thrift RPC interface that allows an unauthenticated attacker with network access to execute arbitrary commands on the appliance as root, with CVS...

9.8CVSS9.8AI score0.98281EPSS
In wildWeb
CVE
CVE
added 2023/08/29 5:36 p.m.194 views

CVE-2023-34039

CVE-2023-34039 affects VMware Aria Operations for Networks (formerly vRealize Network Insight). Affected versions 6.0–6.10 did not regenerate SSH keys for the internal support/ubuntu users, enabling an attacker with network access to bypass SSH authentication and gain CLI access. Root cause: lack...

9.8CVSS9.7AI score0.64194EPSS
CVE
CVE
added 2023/08/29 5:38 p.m.115 views

CVE-2023-20890

VMware Aria Operations for Networks is affected by CVE-2023-20890, an arbitrary file write vulnerability that authenticated administrators can abuse to write files to arbitrary locations and achieve remote code execution. Nessus plugin confirms multiple affected 6.x versions; VMware has released ...

7.2CVSS8.7AI score0.2164EPSS
CVE
CVE
added 2024/02/06 7:36 p.m.81 views

CVE-2024-22237

CVE-2024-22237 affects VMware Aria Operations for Networks. The vulnerability is a local privilege escalation where a console user with access can escalate to root privileges. Affected product/version evidence: Aria Operations for Networks, 6.x, with exploitation noted for local privilege escalat...

7.8CVSS8.1AI score0.00246EPSS
CVE
CVE
added 2024/02/06 7:37 p.m.72 views

CVE-2024-22239

CVE-2024-22239 affects VMware Aria Operations for Networks (formerly vRealize Network Insight). The vulnerability is a local privilege escalation where a console user with access can escalate privileges to obtain a regular shell. VMware’s VMSA-2024-0002 details this alongside four related CVEs (2...

7.8CVSS8.1AI score0.00214EPSS
CVE
CVE
added 2024/02/06 7:39 p.m.71 views

CVE-2024-22240

CVE-2024-22240 affects VMware Aria Operations for Networks. The issue is a local file read vulnerability exploitable by a user with admin/management privileges, potentially allowing unauthorized access to sensitive data. Public details describe the vulnerability without providing exploit steps be...

4.9CVSS6AI score0.00615EPSS
CVE
CVE
added 2024/02/06 7:37 p.m.70 views

CVE-2024-22238

CVE-2024-22238 affects VMware Aria Operations for Networks. The vulnerability is a cross-site scripting (XSS) flaw caused by improper input sanitization that could allow a malicious actor with admin privileges to inject code into user profile configurations. Impacted product: Aria Operations for ...

6.4CVSS6.1AI score0.00498EPSS
CVE
CVE
added 2024/02/06 7:48 p.m.60 views

CVE-2024-22241

VMware Aria Operations for Networks (formerly vRealize Network Insight) is affected by CVE-2024-22241, a cross-site scripting vulnerability in the login banner that an admin user can abuse to inject code and allegedly take over a user account. Affected product/version: Aria Operations for Network...

4.8CVSS6.1AI score0.37849EPSS